CVE-2023-25759 Information

Description

OS Command Injection in TripleData Reporting Engine in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated users to run unprivileged OS level commands via a crafted request payload.

Reference

https://tripleplay.tv https://tripleplay.tv/wp-content/uploads/2023/03/CVE-2023-25759-Summary.pdf